1. Field of the Invention
Embodiments of the disclosure relate in general to the field of computers and similar technologies, and in particular to software utilized in this field. Still more particularly, it relates to controlling access to attribute information.
2. Description of the Related Art
In recent years, companies have become increasingly concerned about the security of their information and how it is used. As a result, a wide variety of security mechanisms have been implemented to not only authenticate users, but to also control their access to information. Companies are also becoming concerned about the internal and external distribution and release of information, including personally-identifiable information (PII), not only to individuals, but to applications as well. Accordingly, companies are beginning to implement data release policies to control application access to data.
However, their concerns extend beyond simply ensuring that users and applications can only access information to which they are entitled or authorized. Access to information must also be flexible, with different policies applied and enforced for users and applications alike. These concerns also encompass the need for controlling an application's access to identity and attribute information. As a result, there is a need to define and enforce controls for an application's access to information based on its related metadata. Currently, no means exist for providing policy-based, controlled access and release of attribute and identity information to applications. In view of the foregoing, there is a need for scalable and manageable access controls that provide enforceable release policies, not only for users, but for new and existing applications as well.